"Securing Innovation: Cybersecurity Tips for Startups" is a free seminar, tailored specifically to startups, combining both technical and organizational aspects of cybersecurity. We will tell you about the various aspects of cybersecurity and how to plan for and integrate them early on, spicing things up a bit with a few demos, and we're counting on you for a lively discussion of startup security challenges over pizza.

This is a set of trainings and workshops designed and delivered by Robert Seacord and the CERT-SEI team at Carnegie Mellon. They provide a detailed explanation of common programming principles and errors in C and C++ and describe how these errors can lead to code that is vulnerable to exploitation.

This three-day course introduces a model-based process improvement approach to managing operational resilience using the CERT® Resilience Management Model (CERT-RMM) v1.1. CERT-RMM is a maturity model that promotes the convergence of security, business continuity, and IT operations activities to help organizations actively direct, control, and manage operational resilience and risk.

This is a 2-day course on how to manage operational risk, stay productive under stress and disruption, and assess and improve our readiness to ‘handle the unknown’. It is based on the new Resilience Management Model of CERT at the Software Engineering Institute (CERT/SEI, Carnegie Mellon University), a comprehensive and complete reference model and framework that helps organizations maintain security, IT operations and business continuity in a converged manner and without additional bureaucratic burden.

Compared with other technologies, C and C++ pose unique and difficult challenges to the process of continuously writing and delivering quality code without security issues. The great power that a developer possesses over e.g. memory management results in the responsibility to write code that deals properly with object lifecycles, manages buffers correctly and many other aspects that have no equivalent in languages with automatic memory management.

The LAMP (Linux, Apache, MySQL and PHP) web service stack is one of the most popular choices for developing and deploying web applications. Due to the rich set of features and the complexity of this bundle, special attention must be paid to its security configuration.

With the introduction of wide-ranging and impactful legislation and requirements for privacy and data security (like GDPR), a radical, yet powerful cryptography-based solution is gaining traction and relevance. The “Untrusted Server” model assumes the Web application backend will never have access to customers’ data in plaintext, thereby negating almost all impact of data breaches – as the server is unable to decrypt users’ data, so is the attacker.

By popular demand, CyResLab has developed a version of the "Top 10 Web Threats" course for QA specialists.
The course shifts focus from secure coding and programming countermeasures to security defect detection and analysis (a.k.a. triage), as well as the tools that are needed to master this process.

Researchers have presented estimations that up to 90% of all applications have at least one vulnerability. While research about mobile applications in particular is scarce, high-profile data thefts like the Snapchat user database indicate serious security concerns even for apps that are used by millions.